Category FILE
Started On 2014-07-11 11:27:02
Completed On 2014-07-11 11:28:59
Duration 117 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-11 11:27:03
Shutdown On 2014-07-11 11:28:59

File Details

File name report_id_875893475983475934759384.exe
File size 114176 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 E97FD37E
MD5 83254d8bf9ca7179f20e85f153dd3b2d
SHA1 7dee0dba027f5e4cbc8ab495e2f5006b27371cd4
SHA256 54b230b1df51ba36d7b38e17bcc7b2f5d5ad0d05e2b8dc94893cf47d6d3c1e84
SHA512 9cced9a09a0d05a5a3a669c3af4a1c16e387ea74dd15e8f7feb747429b431b76c24c622e805303006796875e56d09ea67ac6b37e14987a5a4a5661598617624e
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Permalink
VirusTotal Scan Date: 2014-07-11 15:17:02
Detection Rate: 13/54

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious
Installs itself for autorun at Windows startup

Screenshots

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

report_id_875893475983475934759384.exe PID: 516, Parent PID: 1796

Volatility

Nothing to display.